Fortinet, Inc.
DNS (DOMAIN NAME SERVER)-BASED APPLICATION-AWARE ROUTING ON SD-WAN (SOFTWARE-DEFINED WIDE ACCESS NETWORK)

Abstract:

Applications associated with the network data packet are identified by parsing the network data packet of the received network data packets to identify a second-level domain from a destination IP address and searching the second-level domain database to identify the application associated with the second-level domain. It is determined whether the network data packet comprises a DNS packet or a non-DNS packet. Responsive to the network data packet comprising a DNS packet, a second-level domain database in real-time is updated by storing the destination IP address in association with the second-level domain, the second-level domain associated with the application. Responsive to the network data packet comprising a non-DNS packet, a network policy for enforcement on the identified application and routing the network data packet in accordance with the network policy for the application is identified.